1. Field of the Invention
The present invention relates to an auditing system for misuse of an image information, and more particularly, to an auditing system for misuse of the image information, which stores the image information recorded by an image recording device as a file; transmits a log which is related to suspected misuse behaviors to the stored file to an auditing server in order to determine whether the stored file was misused; transmits information as to whether a user's access log to the stored file, an image deletion log, an image copy log, and an image view log have been modified to the auditing server; determines whether misuse occurred in view of a misuse behavior pattern; and in a case that misuse occurs generates misuse alarm data thereby notifying a user's terminal of such misuse.
2. Description of the Related Art
According to CCTV Installation and Operation Guidelines, “[a] principal must designate an area to browse and to play image information received from a CCTV as a restricted area and control entry and exit of an unauthorized person strictly from the area. An authority to access image information obtained by the CCTV is limited to a supervisor and the least personnel designated by the principal. The principal must carry out a regular inspection to determine whether the CCTV is functioning, and must maintain correct records of the inspection. The principal must take a technical/operational safety measure to prevent an illegal access to image information, a modification, outflow or damage of image information.” The guidelines also state, “[i]mage information obtained by the CCTV should be deleted immediately after the expiration of the storage period that the regulation specifies. However, when it is difficult to determine the minimum period required to achieve the storage purpose, then the storage period should be within thirty days of obtaining image information.”
In addition, CCTV Operation Guidelines of Public Institutions state, “[t]he head of an organization must take a safety measure to prevent a loss, theft, outflow, modification, or damage of image information when the image information is handled or transmitted through information communication networks under the Article 2, Subsection 7 of the Electronic Government Act. The head may depute a handling of image information to a specialized institution or agency. In this case, the head of an organization must take a safety measure to prevent a loss, theft, outflow, modification, or damage of image information.” The guidelines also state that “[i]mage information obtained by the CCTV should be deleted immediately after the expiration of the storage period that the regulation specifies. However, when it is difficult to determine the minimum period required to achieve the storage purpose due to a feature of the institution, then the storage period should be within thirty days of obtaining image information.”
However, the misuse of private image information is caused by an outflow of image information stored in an image recording device installed for public purposes. This has led the public to feel that they have been victimized and to file a civil complaint. Thus, there should be a minimum operational measure to prevent an invasion of privacy at a private space and to obtain public image information.
A prior art, Korean Patent Publication No. 10-2009-0090641 describes a system for active security surveillance, which is a typical system for monitoring. The system for active security surveillance is installed to a home gateway of a home network system. The system monitors data which is transmitted to the outside of the network or received from the outside of the network. The system comprises an intrusion detecting unit, an event controller, a threat controller and a database. An intrusion detecting unit detects the illegal intrusion by comparing the data packet information received from the outside of the network with the intrusion pattern information stored in the database. The intrusion detecting unit blocks the detected intrusion and generates and transmits the intrusion detection/block event log to an event controller. A threat controller monitors the network flow, detects an anomaly, and analyzes the detected anomaly. The threat controller produces the analyzed information to the event log, and transmits the event log to the event controller. The event controller integrally processes the event log received from the intrusion detecting unit and the threat controller. A database stores the intrusion pattern information and the information processed in the event controller.
The system of the first prior art can detect and handle the illegal intrusion. However, it cannot extract the behavior pattern suspected of the misuse of the image information.
Korean Patent No. 10-0822017 describes an intelligent monitoring system and a method thereof. The system comprises a camera unit, a central monitoring unit, a remote place monitoring unit, a network unit, an image reception processing unit and an image variation sensing unit. A camera unit includes a pan/tilt/zoom camera and one or more sub cameras for photographing a monitored region without a dead zone. A central monitoring unit transmits a driving control signal for the camera unit and an image association control signal, for information about the image photographed by the camera unit, through a communication interworking apparatus. A remote place monitoring unit controls the camera unit by receiving the driving control signal and the image association control signal from the central monitoring unit through the communication interworking apparatus, associates the photographed images, and stores and transmits the photographed and associated images. A network unit confirms images, which is photographed or being photographed by the camera unit, through internet and monitors and controls the images in real time. An image reception processing unit receives and processes images transmitted from the remote place monitoring unit. An image variation sensing unit senses the object operation variation of a predetermined amount or more through a motion sensor connected with the sub camera while the sub camera photographs the monitored region.
The system of the prior art solved a problem regarding the identification of a subject when images were photographed from a remote place and stored in the image reception processing unit at once. However, it cannot extract the behavior pattern suspected of the misuse of the images.
Although there are many other monitoring systems other than prior arts stated above, there were no technologies having an agent installed in the image recording device that can obtain data for the purpose of determining whether the image was misused. Also no disclosures reveal an auditing server that uses the collected data to determine whether the image was misused.